Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
What is wrong according to this scan?
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: What is wrong according to this scan? (Read 2445 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33926
malware fighter
What is wrong according to this scan?
«
on:
October 17, 2013, 05:37:41 PM »
See:
https://www.whatsmydns.net/#A/img.uptodown.net
and:
https://www.whatsmydns.net/#A/23.62.61.18
re:
http://www.statsgator.co.uk/62203-211-98-70-195.html
Delegation Delegation not found at parent.
No delegation could be found at the parent, making your zone unreachable from the Internet.
Not enough nameserver information was found to test the zone img.uptodown.net, but an IP address lookup succeeded in spite of that.
VW alert: Up(nil): unknown_html ARIN US ip-admin at akamai.com 23.62.61.18 to 23.62.61.18 uptodown dot net htxp://img.uptodown.net/icons/internet-connection-repair-tool.png
Flagged by SOPHOS:
https://www.virustotal.com/en/url/c97ef3cd37615316657c2ce79aba523507553ae4d0201b7eadda3cc9f6e30f59/analysis/1382023538/
IDS alert for same IP on executable download files:
http://urlquery.net/report.php?id=6912202
pol
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
polonus
Avast Überevangelist
Probably Bot
Posts: 33926
malware fighter
Re: What is wrong according to this scan? [SOLVED]
«
Reply #1 on:
October 17, 2013, 07:08:24 PM »
Has link with: link with sweetpack/sweet im download, a known PUP adware
http://www.mywot.com/en/scorecard/sweetpacks.com?utm_source=addon&utm_content=popup-donuts
toolbar and startpage hackware, (thanks, Pondus, for info link)
But it also is to show the migration of the DNS: 92.242.140.1 for
https://www.whatsmydns.net/#A/23.62.61.18
from a server in Pasdena
Danger - read:
http://www.broadbandreports.com/forum/r26367238-Earthlink-may-have-stopped
.
while we have 93.155.105.142 from the server in St. Petersburg ->
http://urlquery.net/report.php?id=1885053
This due to a mimatch for OpenDNS: It tells you that IP address 92.242.140.1 is the one OpenDNS sees that DNS lookups coming from.
polonus
«
Last Edit: October 17, 2013, 07:22:54 PM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
polonus
Avast Überevangelist
Probably Bot
Posts: 33926
malware fighter
Re: What is wrong according to this scan?
«
Reply #2 on:
October 17, 2013, 07:33:11 PM »
I did another test here:
http://dnscheck.iis.se/
for this domain:
http://urlquery.net/report.php?id=5008589
Test results:
http://dnscheck.iis.se/?time=1382030895&id=3688489&view=advanced&test=standard
Detected:
https://www.virustotal.com/en/url/16bbe7f285684ef3e5441bf4e0e6f72dc1ecd82d370383838951044dabfb1e6d/analysis/
See:
http://www.mywot.com/en/scorecard/194.63.142.66?utm_source=addon&utm_content=popup-donuts
pol
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
What is wrong according to this scan?